AMENDMENTS TO THE CLAIMS

1. (Currently Amended) A hybrid authentication system for securing digital
communications in a network and enabling a global enterprise, comprising: 

a distributed authentication infrastructure including a plurality of nodes in 
communication with each other, each of said plurality of nodes having an identification 
and intended to perform a series of functions, one of said series of functions for verifying 
said identification of said plurality of nodes; and 

a centralized authentication infrastructure integrated into said distributed 
authentication infrastructure and including a central server, said central server being 
coupled to said plurality of nodes and being utilized for verifying said identification of 
said plurality of nodes, wherein said central server can be utilized for supporting or
replacing at least one of said plurality of nodes: 

wherein said distributed authentication infrastructure is initially implemented and 
said centralized authentication infrastructure is later integrated into said distributed 
authenticated infrastructure; 

wherein said distributed authentication infrastructure is selected from the group 
consisting of a threshold cryptography service model and a web-of-trust service model; 

wherein said centralized authentication system is selected from the group 
consisting of a public key infrastructure and a kerberos service model; 

wherein said plurality of nodes include at least one of a personal digital assistant, 
a digital pager, a digital fax machine, a [[vide]] video teleconferencing device, a wireless 
telephone, a portable computer, a desktop computer, and a communication device,
wherein said plurality of nodes includes a verifying node coupled to a new entity for 
verifying the identification of said new entity and enrolling said new entity into the
hybrid authentication system and wherein said verifying node signs a certificate related to 
said new entity.

2. (canceled). 

3. (currently amended) The hybrid authentication system of claim [[2]] 1 wherein 
said new entity provides said verifying node with at least one predetermined credential. 

4. (canceled) 

5. (currently amended) The hybrid authentication system of claim [[4]] 1 wherein
said central server publishes a certificate revocation list, said verifying node examining 
said certificate revocation list for determining whether said certificate has been revoked. 

6. (currently amended) The hybrid authentication system of claim [[4]] 1 wherein
a quorum of said plurality of nodes publishes a certificate revocation list, said verifying 
node examining said certificate revocation list for determining whether said certificate 
has been revoked. 

7. (currently amended) The hybrid authentication system of claim [[2]] 1 wherein 
said central server is said new entity. 

8. (Original) The hybrid authentication system of claim 1 wherein said distributed 
authentication infrastructure requires a quorum of said plurality of nodes for enrolling a 
new entity into the hybrid authentication system. 

9. (Original) The hybrid authentication system of claim 8 wherein each node of 
said quorum utilizes a partial key for partially signing a certificate related to said new 
entity so as to provide said new entity with a full signature. 

10. (Original) The hybrid authentication system of claim 9 wherein said central
server publishes a certificate revocation list, each node of said quorum examining said 
certificate revocation list for determining whether said certificate has been revoked. 

11. (Original) The hybrid authentication system of claim 8 wherein said central
server is said new entity. 

12. (Original) The hybrid authentication system of claim 1 wherein said central 
server is coupled to a new entity and is utilized for verifying the identification of said 
new entity and enrolling said new entity into the hybrid authentication system, said 
central server producing a log for recording a plurality of failed authentications and a 
plurality of failed enrollments by said plurality of nodes. 

13. (Original) The hybrid authentication system of claim 1 wherein said central 
server is coupled to said plurality of nodes for at least one of issuing a global directive 
thereto and bolstering said plurality of nodes by assisting with at least one of an 
enrollment task, an authentication task, and a permission granting task. 

14. (Original) The hybrid authentication system of claim 13 wherein said global 
directive includes at least one of a rekey instruction and a critical trust chain path, said 
rekey instruction and said critical trust chain path for providing a secured data transfer 
line. 

15. (Original) The hybrid authentication system of claim 1 wherein said plurality 
of nodes includes a first node and a second node coupled to said first node, said first node 
presenting a first certificate to said second node for authenticating said first node. 

16. (Original) The hybrid authentication system of claim 15 wherein said second 
node examines a certificate revocation list prepared by said central server, said second 
node examining said certificate revocation list for determining whether said first
certificate has been revoked. 

17. (Original) The hybrid authentication system of claim 15 wherein said second 
node examines a certificate revocation list prepared by a quorum of said plurality of 
nodes, said second node examining said certificate revocation list for determining 
whether said first certificate has been revoked. 

18. (Original) The hybrid authentication system of claim 15 wherein said second 
node is coupled to a trusted third party node from said plurality of nodes, said second 
node producing an authentication task signed by said first node and sending said 
authentication task to said trusted third party node, said trusted third party node verifying 
said identification of said first node. 

19. (Original) The hybrid authentication system of claim 15 wherein said second 
node presents a second certificate to said first node for authenticating said second node. 

20. (Original) The hybrid authentication system of claim 19 wherein said first 
node examines a certificate revocation list prepared by said central server, said first node 
examining said certificate revocation list for determining whether said second certificate 
has been revoked. 

21. (Original) The hybrid authentication system of claim 19 wherein said first 
node examines a certificate revocation list prepared by a quorum of said plurality of 
nodes, said first node examining said certificate revocation list for determining whether 
said second certificate has been revoked. 

22. (Original) The hybrid authentication system of claim 18 wherein said first 
node is coupled to a trusted third party node from said plurality of nodes, said first node 
producing an authentication task signed by said second node and sending said
authentication task to said trusted third party node, said trusted third party node verifying 
said identification of said first node. 

23. (currently amended) A hybrid authentication system, comprising: a distributed 
authentication infrastructure based on a threshold cryptography service model and 
including a plurality of nodes in communication with each other, each of said plurality of 
nodes having an identification and intended to perform a series of functions, one of said 
series of functions for verifying said identification of said plurality of nodes; and a 
centralized authentication infrastructure based on a public key infrastructure and 
integrated into said distributed authentication infrastructure, said centralized 
authentication infrastructure including a certificate authority coupled to said plurality of 
nodes and utilized for verifying said identification of said plurality of nodes: wherein said 
plurality of nodes includes a verifying node coupled to a new entity for verifying the 
identification of said new entity and enrolling said new entity into the hybrid 
authentication system and wherein said verifying node signs a certificate related to said 
new entity and wherein said distributed authentication infrastructure is initially 
implemented and said centralized authentication infrastructure is later integrated into said 
distributed authenticated infrastructure. 

24. (currently amended) A hybrid authentication system, comprising: a distributed 
authentication infrastructure based on a web-of-trust service model and including a 
plurality of nodes in communication with each other, each of said plurality of nodes 
having an identification and intended to perform a series of functions, one of said series 
of functions for verifying said identification of said plurality of nodes; and a centralized 
authentication infrastructure based on a public key infrastructure and integrated into said
distributed authentication infrastructure, said centralized authentication infrastructure 
including a certificate authority coupled to said plurality of nodes and utilized for 
verifying said identification of said plurality of nodes; wherein said distributed 
authentication infrastructure is initially implemented and said centralized authentication 
infrastructure is later integrated into said distributed authenticated infrastructure, and
wherein said plurality of nodes is a plurality of members including a first member and a 
second member, said certificate authority issuing a first group certificate to said first 
member that provides said first member with a first permission level, said certificate 
authority issuing a second group certificate to said second member that provides said 
second member with a second permission level.

25. (canceled) 

26. (currently amended) The hybrid authentication system recited in claim [[25]] 
24 wherein said first group certificate enables said first member to enroll a new entity 
into the system and provide said new entity with a new permission level equivalent up to 
said first permission level. 

27. (currently amended) The hybrid authentication system recited in claim [[25]] 
24 wherein said second group certificate enables said second member to enroll a new 
entity into the system and provide said new entity with a new permission level equivalent 
up to said second permission level. 

28. (currently amended) The hybrid authentication system recited in claim [[25]] 
24 wherein said first permission level is greater than said second permission level. 

29. (currently amended) A hybrid authentication system, comprising: a distributed
authentication infrastructure including a plurality of nodes in communication with each 
other, each of said plurality of nodes having an identification and intended to perform a 
series of functions, one of said series of functions for verifying said identification of said 
plurality of nodes; and a centralized authentication infrastructure integrated into said 
distributed authentication infrastructure, said centralized authentication infrastructure 
including a certificate authority coupled to said plurality of nodes and utilized for 
verifying said identification of said plurality of nodes; wherein said centralized 
authentication infrastructure provides a signed certificate for verifying said identification 
and wherein said distributed authentication infrastructure is initially implemented and 
said centralized authentication infrastructure is later integrated into said distributed 
authenticated infrastructure. 

30. (Original) The hybrid authentication system of claim 29 wherein said central 
server is coupled to said plurality of nodes for at least one of issuing a global directive 
thereto and supporting said plurality of nodes by assisting with at least one of an 
enrollment task, an authentication task, and a permission granting task. 

31. (Original) The hybrid authentication system of claim 30 wherein said global 
directive includes at least one of a rekey instruction and a critical trust chain path, said 
rekey instruction and said critical trust chain path for providing a secured data transfer 
line. 

32. (Original) A method for creating the hybrid authentication system recited in 
claim 1, comprising: first coupling a plurality of nodes to each other in a distributed 
authentication infrastructure; then migrating said distributed authentication infrastructure 
to a centralized authentication structure; and allocating at least one of an enrollment
function and an authentication function between said central server and said plurality of 
nodes. 

33. (Original) The method of claim 32 wherein migrating comprises coupling a 
central server to said plurality of nodes. 

34. (Original) The method recited in claim 33 further comprising: coupling said 
central server to a verifying node of said plurality of nodes; sending at least one 
predetermined credential from said central server to said verifying node; enrolling said 
central server into the hybrid authentication system. 

35. (Original) The method recited in claim 33 further comprising: coupling said 
central server to a verifying node of said plurality of nodes; sending a certificate 
revocation list from said central server to said verifying node; enrolling said central 
server into the hybrid authentication system. 

36. (Original) The method recited in claim 32 further comprising: coupling a new 
entity to one of said plurality of nodes; sending at least one predetermined credential 
from said new entity to said verifying node; enrolling said new entity into the hybrid 
authentication system. 

37. (Original) The method recited in claim 32 further comprising: coupling a new 
entity to a verifying node of said plurality of nodes; sending a certificate revocation list 
from said new entity to said verifying node; enrolling said new entity into the hybrid 
authentication system. 

38. (Original) The method recited in claim 32 further comprising: appointing said
central server as a proxy for a quorum of said plurality of nodes and for fulfilling an 
enrollment task; and enrolling said new entity into the hybrid authentication system. 